<?
include_once "../../Lib/DBMySql.inc";
include_once "../../Lib/Common.php";
include_once "../../Lib/Lib.php";
include_once "../../Entities/usersObj.php";
include_once "../../DAL/usersDAL.php";
include_once "../../Lib/Content.php";
include_once "../../Lib/Session.php";

$title		= "CHANGE PASSWORD";

$mainDB = NewDB(DATABASE_HOST, DATABASE_NAME , DATABASE_USER, DATABASE_PASSWORD);
$pageError	= "";

if(isset($act) && $act=="CHANGE"){
   
   $users = usersDAL::Load($mainDB, $_SESSION["UserID"], $$pageError);
   $newpasswd = $passwd; 	
   $oldpasswd = $oldpasswd; 	
   if ($users->password  != md5(trim($oldpasswd))) 
	   $pageError = " You type wrong old password.";
   else if($newpasswd != $passwdconf){
	   $pageError = "Confirm password doesn't match.";
   } else  {
		if ($users!=null)
		{
			$users->password = md5($passwd);
			if (usersDAL::Update($mainDB, $users, $pageError))
				$pageError = "Your password has changed.";
		} else {
			$pageError = "Invalid changing password.";
		}
   }
}

include "../header.php";
?>
<form method="post" name="changepass" action="<? echo $_SERVER['../PHP_SELF']; ?>">
<input type=hidden name=act value="CHANGE">
<table width="99%" border="0" cellspacing="0" cellpadding="0" align="right">
	<tr valign=middle> 
		<td class="titleText" colspan=3 height=25><? echo $title;?></td>
	</tr>
	<tr valign=middle> 
		<td colspan=3 height=3 bgcolor="#FFFFFF"></td>
	</tr>
	<tr> 
		<td align="center" valign="top" colspan=3 bỏ>
			<table width="100%" border=0 cellspacing="0" class="formBackGround">
				<tr>
					<td>
						<TABLE border=0 cellPadding=0 cellspacing="0" width="100%">
							<tr class="gridHeader">
								<td colspan=4 height=20 class='errorText'>&nbsp; <? echo $pageError;?>&nbsp;</td>
							</TR>
							<tr class="gridBody" height=10>
								<td colspan=4 height=10>&nbsp;</td>
							</TR>
							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>Old password:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=password name="oldpasswd" value="<? echo $oldpasswd;?>" size=50 class='inputText'>&nbsp;</td>
							</TR>
							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>New password:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=password name="passwd" value="<? echo $passwd;?>" size=50 class='inputText'>&nbsp;</td>
							</TR>
							<tr class="gridBody">
								<td width="10" nowrap>&nbsp;</td>
								<td width="20%" nowrap>Confirm new password:&nbsp;</td>
								<td width="10" nowrap>&nbsp;</td>
								<td width="80%" nowrap><input type=password name="passwdconf" value="<? echo $passwdconf;?>" size=50 class='inputText'>&nbsp;</td>
							</TR>
							<tr class="gridBody" height=30>
								<td colspan=3 height=30>&nbsp;</td>
								<td>
									<a href="#" onClick="document.changepass.submit();" class="buttonlink"><b><? echo $btnSave_Value;?></b></a>
								</td>
							</TR>
							<tr class="gridFooter" height=10>
								<td colspan=4 height=10></td>
							</TR>
						</TABLE>
					</td>
				</tr>
			</TABLE>
		</td>
	</tr>
</table>
</form>
<?
include "../footer.php";
?>